Repost: Core Security Patterns: Best Practices and Strategies for J2EE(TM), Web Services, and Identity Management

Posted By: gin.of.da.game

Repost: Core Security Patterns: Best Practices and Strategies for J2EE(TM), by Christopher Steel
Prentice Hall Ptr (October 14, 2005) | ISBN: 0131463071 | CHM | 7.24 Mb | 1088 pages | English

Core Security Patterns is the hands-on practitioner's guide to building robust end-to-end security into J2EE™ enterprise applications, Web services, identity management, service provisioning, and personal identification solutions.

The authors explain the fundamentals of Java application security from the ground up, then introduce a powerful, structured security methodology; a vendor-independent security framework; a detailed assessment checklist; and twenty-three proven security architectural patterns. They walk through several realistic scenarios, covering architecture and implementation and presenting detailed sample code. They demonstrate how to apply cryptographic techniques; obfuscate code; establish secure communication; secure J2ME™ applications; authenticate and authorize users; and fortify Web services, enabling single sign-on, effective identity management, and personal identification using Smart Cards and Biometrics.

Core Security Patterns covers all of the following, and more:

— What works and what doesn't: J2EE application-security best practices, and common pitfalls to avoid

— Implementing key Java platform security features in real-world applications

— Establishing Web Services security using XML Signature, XML Encryption, WS-Security, XKMS, and WS-I Basic security profile

— Designing identity management and service provisioning systems using SAML, Liberty, XACML, and SPML

— Designing secure personal identification solutions using Smart Cards and Biometrics

— Security design methodology, patterns, best practices, reality checks, defensive strategies, and evaluation checklists

— End-to-end security architecture case study: architecting, designing, and implementing an end-to-end security solution for large-scale applications